phySicAlly secUre reconfiguraBlE platfoRm (SAUBER)

物理安全的可重构平台（CLEAN）

• 批准号: 435264177
• 负责人: Professor Dr. Amir Moradi
• 金额: --
• 依托单位: Institut für Technische Informatik
• 依托单位国家: 德国
• 项目类别: Research Grants
• 资助国家: 德国
• 项目状态: 未结题
• 来源: https://gepris.dfg.de/gepris/projekt/435264177?language=en
• 关键词: phySicAlly; secUre; reconfiguraBlE; platfoRm; SAUBER

In the growing digital world, where many aspects of daily life are solely performed by the information technology infrastructure, their security concerns are greater than ever before. With software becoming more secure on one hand, and compromising hardware becoming easier on the other hand, the hardware becomes the Achilles heel for the system security. In complex systems on chip (SoCs) of today, the reconfigurable fabric, in the form of field programmable gate array (FPGA), plays an important role due to its rapid time to market, flexibility, and updatability. FPGAs are also very promising for many secure platforms, since they allow “security patches” to the hardware and the system, as it is normally done in software. Despite such promising prospects of FPGAs for secure applications, there are still many security issues to be resolved for the FPGA fabric since the existing commercially-available reconfigurable technology is not made for secure applications. There exist challenges in applying the currently-known countermeasures to physical attacks in FPGA platforms, due to high area, low throughput, high power/energy, high latency, etc. The implementation and mapping of such security schemes to the FPGA is “ad hoc”, meaning for every cryptographic algorithm and every design architecture, the countermeasures should be readjusted. In addition, the existing FPGA technology is vulnerable to many security attacks and side-channel analysis, even enabling adversaries to attack the system remotely.The main objective of this project is to design a secure reconfigurable platform (SAUBER), which is resilient to various malicious physical attacks and can act as the center of trust in SoCs, in order to implement cryptographic algorithms and other highly secure functions. The new platform would provide strong protection against side-channel analysis attacks, fault-injection attacks, thermal attacks, power supply noise attacks and at the same time enable adjustable security primitives, e.g., PRNG, necessary for algorithmic countermeasures against physical attacks. We will investigate how to adopt and re-design currently available ASIC-based hiding countermeasures so that their realization in a reconfigurable platform would lead to strong protection against physical attacks. We will design the secure reconfigurable fabric and develop the secure mapping toolchain, on top of existing open source FPGA mapping tools, to automatically map user applications to this platform and embed security features in a systematic and automated manner.

在日益增长的数字世界中，日常生活的许多方面都完全由信息技术基础设施执行，他们的安全问题比以往任何时候都更大。一方面，随着软件变得越来越安全，另一方面，硬件变得越来越容易，硬件成为系统安全的阿喀琉斯之踵。在当今复杂的片上系统（SoC）中，现场可编程门阵列（FPGA）形式的可重构结构由于其快速上市、灵活性和可更新性而发挥着重要作用。FPGA对于许多安全平台来说也是非常有前途的，因为它们允许对硬件和系统进行“安全补丁”，就像通常在软件中完成的那样。尽管FPGA用于安全应用的前景如此光明，但FPGA结构仍有许多安全问题有待解决，因为现有的商用可重配置技术并不适用于安全应用。由于FPGA平台的面积大、吞吐量低、功耗高、延迟长等特点，将现有的安全对策应用于FPGA平台上的物理攻击存在着挑战。这种安全方案在FPGA上的实现和映射是“自组织”的，这意味着对于每一种密码算法和每一种设计架构，都需要重新调整对策。此外，现有的FPGA技术容易受到许多安全攻击和侧信道分析，甚至使对手能够远程攻击系统，本项目的主要目标是设计一个安全的可重构平台（SAUBER），该平台能够抵御各种恶意的物理攻击，并能够作为SoC中的信任中心，以实现密码算法和其他高安全性的功能。新平台将提供强大的保护，以抵御侧信道分析攻击、故障注入攻击、热攻击、电源噪声攻击，同时实现可调整的安全原语，例如，PRNG，用于对抗物理攻击的算法对策。我们将研究如何采用和重新设计目前可用的基于ASIC的隐藏对策，使其实现在一个可重构的平台将导致强大的保护免受物理攻击。我们将设计安全的可重构结构，并在现有的开源FPGA映射工具之上开发安全映射工具链，以自动将用户应用程序映射到该平台，并以系统和自动化的方式嵌入安全功能。